Have you ever wanted to encrypt a script so that it could only be run with the correct password? Chances are… probably not. However, in the off chance that you have, and your script is perfectly happy being piped through it’s interpreter (* See note below), then this script might work for you. I make no guarantees or claims about how secure it might be, and it requires openssl to be installed to work. You can view the code or download it yourself at my BitBucket repo for Script Encrypt.
How does it work?
Basically, it takes openssl base64 output and appends it to the end of a stub script that’s charged with collecting the password and piping the decrypted script to the script’s interpreter. I’ve even set up encrypted PHP command-line scripts this way.
Input Script, a very simple script that takes one argument and makes a plasma image:
#!/bin/bash convert -size 128x128 plasma:steelblue-steelblue $1
Output Script, with encrypted data truncated a bit.:
#!/bin/bash echo -n "Password: " read -s PASS_19662 echo export PASS_19662 tail -n 2 $0 | openssl enc -d -aes-256-cbc -base64 -pass env:PASS_19662 > /dev/null #check password. if [ $? -eq "0" ]; then tail -n 2 $0 | openssl enc -d -aes-256-cbc -base64 -pass env:PASS_19662 | PASS_19662="" /bin/bash$ exit; U2FsdGVkX1+4pTSupNtaS+oS+0S3UFdKM3w... loB/O3T0OhJ7vgOTsHK1pxg/CeDl574rfLY...
* Note: That is, you don’t pipe anything from itself, and you don’t use $0 for anything real important.